SEARCH
All Articles
Industry Alliance to Make Security Products Work Together
Some of the biggest names in security have banded together for a new industry initiative to make it easier for different security technologies to work together.
Imperva Breach Stemmed From Compromised Internal Compute Instance
A data breach disclosed in August by Imperva came from an AWS API key stolen from a compromised internal compute instance in 2017.
California Releases Draft Rules for CCPA
CCPA becomes law on Jan. 1. The California Department of Justice has released draft rules on how businesses should make sure they don't violate the new data privacy law.
FIN7 Attackers Roll Out New Tools
The FIN7 group has begun deploying new tools, including a module that specifically targets a remote administration tool for payment card systems.
Audit Uncovers Critical Flaw in iTerm2
A Mozilla-funded security audit of the iTerm2 terminal emulator for macOS found a critical remote-code execution bug.
Microsoft Identifies Targeted Attacks on Presidential Campaign, Government Officials
An attack group known as Phosphorus that is linked to the Iranian government has targeted email accounts of U.S. government officials and people associated with a presidential campaign.
Complying With the California Privacy Law Could Cost $55 Billion
Companies pay attention to privacy legislation and regulations because they don't want the penalties and fines. There is also a hefty cost associated with becoming compliant in the first place.
FBI Okays Paying in a Ransomware Attack
The FBI does not advocate paying a ransom because there's no guarantee the organization will get the data back, but acknowledged in an updated guidance that sometimes, for some organizations, paying the ransom makes a lot of sense.
Urgent/11 Flaws Now Affect Broader Range of Medical, Network Devices
The Urgent/11 vulnerabilities in the IPnet stack affect a much broader range of devices than originally thought.
Geost Android Botnet Discovered by Basic Mistakes
Even the most sophisticated botnet can be discovered if the group doesn't take steps to hide its activities.
Nevada Joins the Ranks of States With Consumer Privacy Laws
Nevada joins the list of states with legislation on the books giving residents more control over how their personal information is used.
Serious New Bug Emerges in Exim
A newly discovered buffer overflow in the Exim mail server can be used to cause a denial-of-service and possibly remote code execution.
eGobbler Malvertising Campaign Targets Safari, Chrome Users
eGobbler Malvertising Campaign Targets Safari, Chrome Users
Senate Bill Creates DHS Threat Hunting Teams
The Senate has passed a measure that creates threat hunting and response teams to help government agencies and enterprises respond to major cybersecurity incidents.
Magecart’s Evolving Tactics Target Routers
One of the prominent Magecart threat groups, Magecart Group 5 (MG5) appears to be trying to compromise the routers used by airports, cafes, and other public buildings to provide users with public WiFi.